1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/command_line.h"
6 #include "chrome/browser/signin/signin_promo.h"
7 #include "chrome/browser/ui/browser.h"
8 #include "chrome/browser/ui/tabs/tab_strip_model.h"
9 #include "chrome/browser/ui/webui/signin/inline_login_ui.h"
10 #include "chrome/browser/ui/webui/signin/login_ui_service.h"
11 #include "chrome/browser/ui/webui/signin/login_ui_service_factory.h"
12 #include "chrome/common/chrome_switches.h"
13 #include "chrome/common/url_constants.h"
14 #include "chrome/test/base/in_process_browser_test.h"
15 #include "chrome/test/base/test_browser_window.h"
16 #include "chrome/test/base/test_chrome_web_ui_controller_factory.h"
17 #include "chrome/test/base/testing_browser_process.h"
18 #include "chrome/test/base/ui_test_utils.h"
19 #include "content/public/browser/render_frame_host.h"
20 #include "content/public/browser/render_process_host.h"
21 #include "content/public/browser/session_storage_namespace.h"
22 #include "content/public/browser/storage_partition.h"
23 #include "content/public/browser/web_contents.h"
24 #include "content/public/browser/web_ui_controller.h"
25 #include "content/public/common/url_constants.h"
26 #include "content/public/test/browser_test_utils.h"
27 #include "content/public/test/test_navigation_observer.h"
28 #include "google_apis/gaia/fake_gaia.h"
29 #include "google_apis/gaia/gaia_switches.h"
30 #include "net/base/url_util.h"
31 #include "net/test/embedded_test_server/embedded_test_server.h"
32 #include "net/test/embedded_test_server/http_request.h"
33 #include "net/test/embedded_test_server/http_response.h"
34 #include "testing/gmock/include/gmock/gmock.h"
35 #include "testing/gtest/include/gtest/gtest.h"
38 using ::testing::Invoke;
39 using ::testing::InvokeWithoutArgs;
44 ContentInfo(int pid, content::StoragePartition* storage_partition) {
46 this->storage_partition = storage_partition;
50 content::StoragePartition* storage_partition;
53 ContentInfo NavigateAndGetInfo(
56 WindowOpenDisposition disposition) {
57 ui_test_utils::NavigateToURLWithDisposition(
58 browser, url, disposition,
59 ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
60 content::WebContents* contents =
61 browser->tab_strip_model()->GetActiveWebContents();
62 content::RenderProcessHost* process = contents->GetRenderProcessHost();
63 return ContentInfo(process->GetID(), process->GetStoragePartition());
66 // Returns a new WebUI object for the WebContents from |arg0|.
67 ACTION(ReturnNewWebUI) {
68 return new content::WebUIController(arg0);
71 // Mock the TestChromeWebUIControllerFactory::WebUIProvider to prove that we are
72 // not called as expected.
73 class FooWebUIProvider
74 : public TestChromeWebUIControllerFactory::WebUIProvider {
76 MOCK_METHOD2(NewWebUI, content::WebUIController*(content::WebUI* web_ui,
80 class MockLoginUIObserver : public LoginUIService::Observer {
82 MOCK_METHOD0(OnUntrustedLoginUIShown, void());
85 const char kFooWebUIURL[] = "chrome://foo/";
89 class InlineLoginUIBrowserTest : public InProcessBrowserTest {
91 InlineLoginUIBrowserTest() {}
96 #define MAYBE_DifferentStorageId DISABLED_DifferentStorageId
98 #define MAYBE_DifferentStorageId DifferentStorageId
100 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, MAYBE_DifferentStorageId) {
101 GURL test_url = ui_test_utils::GetTestUrl(
102 base::FilePath(base::FilePath::kCurrentDirectory),
103 base::FilePath(FILE_PATH_LITERAL("title1.html")));
106 NavigateAndGetInfo(browser(), test_url, CURRENT_TAB);
108 NavigateAndGetInfo(browser(),
109 signin::GetPromoURL(signin::SOURCE_START_PAGE, false),
111 NavigateAndGetInfo(browser(), test_url, CURRENT_TAB);
113 NavigateAndGetInfo(browser(),
114 signin::GetPromoURL( signin::SOURCE_START_PAGE, false),
117 // The info for signin should be the same.
118 ASSERT_EQ(info2.storage_partition, info3.storage_partition);
119 // The info for test_url and signin should be different.
120 ASSERT_NE(info1.storage_partition, info2.storage_partition);
123 IN_PROC_BROWSER_TEST_F(InlineLoginUIBrowserTest, OneProcessLimit) {
124 GURL test_url_1 = ui_test_utils::GetTestUrl(
125 base::FilePath(base::FilePath::kCurrentDirectory),
126 base::FilePath(FILE_PATH_LITERAL("title1.html")));
127 GURL test_url_2 = ui_test_utils::GetTestUrl(
128 base::FilePath(base::FilePath::kCurrentDirectory),
129 base::FilePath(FILE_PATH_LITERAL("data:text/html,Hello world!")));
131 // Even when the process limit is set to one, the signin process should
132 // still be given its own process and storage partition.
133 content::RenderProcessHost::SetMaxRendererProcessCount(1);
136 NavigateAndGetInfo(browser(), test_url_1, CURRENT_TAB);
138 NavigateAndGetInfo(browser(), test_url_2, CURRENT_TAB);
140 NavigateAndGetInfo(browser(),
141 signin::GetPromoURL( signin::SOURCE_START_PAGE, false),
144 ASSERT_EQ(info1.pid, info2.pid);
145 ASSERT_NE(info1.pid, info3.pid);
148 class InlineLoginUISafeIframeBrowserTest : public InProcessBrowserTest {
150 FooWebUIProvider& foo_provider() { return foo_provider_; }
152 void WaitUntilUIReady() {
153 content::DOMMessageQueue message_queue;
154 ASSERT_TRUE(content::ExecuteScript(
155 browser()->tab_strip_model()->GetActiveWebContents(),
156 "if (!inline.login.getAuthExtHost())"
157 " inline.login.initialize();"
158 "var handler = function() {"
159 " window.domAutomationController.setAutomationId(0);"
160 " window.domAutomationController.send('ready');"
162 "if (inline.login.isAuthReady())"
165 " inline.login.getAuthExtHost().addEventListener('ready', handler);"));
169 ASSERT_TRUE(message_queue.WaitForMessage(&message));
170 } while (message != "\"ready\"");
173 // Executes JavaScript code in the auth iframe hosted by gaia_auth extension.
174 void ExecuteJsInSigninFrame(const std::string& js) {
175 content::WebContents* web_contents =
176 browser()->tab_strip_model()->GetActiveWebContents();
177 ASSERT_TRUE(content::ExecuteScript(InlineLoginUI::GetAuthIframe(
178 web_contents, GURL(), "signin-frame"), js));
182 void SetUp() override {
183 ASSERT_TRUE(embedded_test_server()->InitializeAndWaitUntilReady());
185 // EmbeddedTestServer spawns a thread to initialize socket.
186 // Stop IO thread in preparation for fork and exec.
187 embedded_test_server()->StopThread();
189 InProcessBrowserTest::SetUp();
192 void SetUpCommandLine(CommandLine* command_line) override {
193 const GURL& base_url = embedded_test_server()->base_url();
194 command_line->AppendSwitchASCII(::switches::kGaiaUrl, base_url.spec());
195 command_line->AppendSwitchASCII(::switches::kLsoUrl, base_url.spec());
196 command_line->AppendSwitchASCII(::switches::kGoogleApisUrl,
200 void SetUpOnMainThread() override {
201 embedded_test_server()->RestartThreadAndListen();
203 content::WebUIControllerFactory::UnregisterFactoryForTesting(
204 ChromeWebUIControllerFactory::GetInstance());
205 test_factory_.reset(new TestChromeWebUIControllerFactory);
206 content::WebUIControllerFactory::RegisterFactory(test_factory_.get());
207 test_factory_->AddFactoryOverride(
208 GURL(kFooWebUIURL).host(), &foo_provider_);
211 void TearDownOnMainThread() override {
212 test_factory_->RemoveFactoryOverride(GURL(kFooWebUIURL).host());
213 content::WebUIControllerFactory::UnregisterFactoryForTesting(
214 test_factory_.get());
215 test_factory_.reset();
216 EXPECT_TRUE(embedded_test_server()->ShutdownAndWaitUntilComplete());
219 FooWebUIProvider foo_provider_;
220 scoped_ptr<TestChromeWebUIControllerFactory> test_factory_;
223 // Make sure that the foo webui handler is working properly and that it gets
224 // created when navigated to normally.
225 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest, Basic) {
226 const GURL kUrl(kFooWebUIURL);
227 EXPECT_CALL(foo_provider(), NewWebUI(_, ::testing::Eq(kUrl)))
228 .WillOnce(ReturnNewWebUI());
229 ui_test_utils::NavigateToURL(browser(), GURL(kFooWebUIURL));
232 // Make sure that the foo webui handler does not get created when we try to
233 // load it inside the iframe of the login ui.
234 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest, NoWebUIInIframe) {
235 GURL url = signin::GetPromoURL(signin::SOURCE_START_PAGE, false).
236 Resolve("?source=0&frameUrl=chrome://foo");
237 EXPECT_CALL(foo_provider(), NewWebUI(_, _)).Times(0);
238 ui_test_utils::NavigateToURL(browser(), url);
241 // Flaky on CrOS, http://crbug.com/364759.
242 #if defined(OS_CHROMEOS)
243 #define MAYBE_TopFrameNavigationDisallowed DISABLED_TopFrameNavigationDisallowed
245 #define MAYBE_TopFrameNavigationDisallowed TopFrameNavigationDisallowed
248 // Make sure that the gaia iframe cannot trigger top-frame navigation.
249 // TODO(guohui): flaky on trybot crbug/364759.
250 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
251 MAYBE_TopFrameNavigationDisallowed) {
252 // Loads into gaia iframe a web page that attempts to deframe on load.
253 GURL deframe_url(embedded_test_server()->GetURL("/login/deframe.html"));
254 GURL url(net::AppendOrReplaceQueryParameter(
255 signin::GetPromoURL(signin::SOURCE_START_PAGE, false),
256 "frameUrl", deframe_url.spec()));
257 ui_test_utils::NavigateToURL(browser(), url);
260 content::WebContents* contents =
261 browser()->tab_strip_model()->GetActiveWebContents();
262 EXPECT_EQ(url, contents->GetVisibleURL());
264 content::NavigationController& controller = contents->GetController();
265 EXPECT_TRUE(controller.GetPendingEntry() == NULL);
268 // Flaky on CrOS, http://crbug.com/364759.
269 #if defined(OS_CHROMEOS)
270 #define MAYBE_NavigationToOtherChromeURLDisallowed \
271 DISABLED_NavigationToOtherChromeURLDisallowed
273 #define MAYBE_NavigationToOtherChromeURLDisallowed \
274 NavigationToOtherChromeURLDisallowed
277 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
278 MAYBE_NavigationToOtherChromeURLDisallowed) {
279 ui_test_utils::NavigateToURL(
280 browser(), signin::GetPromoURL(signin::SOURCE_START_PAGE, false));
283 content::WebContents* contents =
284 browser()->tab_strip_model()->GetActiveWebContents();
285 ASSERT_TRUE(content::ExecuteScript(
286 contents, "window.location.href = 'chrome://foo'"));
288 content::TestNavigationObserver navigation_observer(contents, 1);
289 navigation_observer.Wait();
291 EXPECT_EQ(GURL("about:blank"), contents->GetVisibleURL());
294 #if !defined(OS_CHROMEOS)
295 IN_PROC_BROWSER_TEST_F(InlineLoginUISafeIframeBrowserTest,
296 ConfirmationRequiredForNonsecureSignin) {
298 fake_gaia.Initialize();
300 embedded_test_server()->RegisterRequestHandler(
301 base::Bind(&FakeGaia::HandleRequest,
302 base::Unretained(&fake_gaia)));
303 fake_gaia.SetFakeMergeSessionParams(
304 "email", "fake-sid-cookie", "fake-lsid-cookie");
306 // Navigates to the Chrome signin page which loads the fake gaia auth page.
307 // Since the fake gaia auth page is served over HTTP, thus expects to see an
308 // untrusted signin confirmation dialog upon submitting credentials below.
309 ui_test_utils::NavigateToURL(
310 browser(), signin::GetPromoURL(signin::SOURCE_START_PAGE, false));
313 MockLoginUIObserver observer;
314 LoginUIServiceFactory::GetForProfile(browser()->profile())
315 ->AddObserver(&observer);
316 base::RunLoop run_loop;
317 EXPECT_CALL(observer, OnUntrustedLoginUIShown())
318 .WillOnce(InvokeWithoutArgs(&run_loop, &base::RunLoop::Quit));
321 "document.getElementById('Email').value = 'email';"
322 "document.getElementById('Passwd').value = 'password';"
323 "document.getElementById('signIn').click();";
324 ExecuteJsInSigninFrame(js);
327 base::MessageLoop::current()->RunUntilIdle();
329 #endif // OS_CHROMEOS